| Analytic 0842 - AN0842 (22ff1717-6ba8-4908-b795-edf0c41a997e) |
Analytics |
Port-knock → rule/daemon change → first successful connect (T1205.001) - DET0302 (68b7c978-74e4-4f87-a953-2a4e752f56c2) |
Detection Strategies |
1 |
| Port Knocking - T1205.001 (8868cb5b-d575-4a60-acb2-07d37389a2fd) |
Attack Pattern |
Port-knock → rule/daemon change → first successful connect (T1205.001) - DET0302 (68b7c978-74e4-4f87-a953-2a4e752f56c2) |
Detection Strategies |
1 |
| Analytic 0844 - AN0844 (39da0718-fa22-4f77-8bd2-ea8300087658) |
Analytics |
Port-knock → rule/daemon change → first successful connect (T1205.001) - DET0302 (68b7c978-74e4-4f87-a953-2a4e752f56c2) |
Detection Strategies |
1 |
| Analytic 0843 - AN0843 (7bf8954f-5028-419d-b93f-9c6bfe6e5086) |
Analytics |
Port-knock → rule/daemon change → first successful connect (T1205.001) - DET0302 (68b7c978-74e4-4f87-a953-2a4e752f56c2) |
Detection Strategies |
1 |
| Analytic 0845 - AN0845 (fe82e2a6-a928-4fe0-a899-fead90eabb29) |
Analytics |
Port-knock → rule/daemon change → first successful connect (T1205.001) - DET0302 (68b7c978-74e4-4f87-a953-2a4e752f56c2) |
Detection Strategies |
1 |
| Port Knocking - T1205.001 (8868cb5b-d575-4a60-acb2-07d37389a2fd) |
Attack Pattern |
Traffic Signaling - T1205 (451a9977-d255-43c9-b431-66de80130c8c) |
Attack Pattern |
2 |